whitepaper Configuring Hard Disk Security Using HP Web Jetadmin 10.2 Table of Contents: Introduction ................................................................................................................. 2 Secure Erase Technology............................................................................................ 2 Data Affected ........................................................................................................... 2 Default Setting .......................................................................................................... 3 Specification............................................................................................................. 3 Configuring WJA for Disk Security.................................................................................. 4 Automatic Groups ..................................................................................................... 4 Create and Configure Automatic Group ....................................................................... 5 Create Secure Disk Device View.................................................................................. 6 Identifying Unsecured Devices ..................................................................................... 8 Configuring Secure Erase Mode .................................................................................. 8 Create Configuration Template.................................................................................... 9 Apply Configuration Template................................................................................... 10 Set Configuration Template as Group Policy................................................................ 12 Verify Secure Erase Mode Configuration .................................................................... 13 Page 1 Introduction This document describes how to configure print and imaging devices with HP’s Secure File Erase using Web Jetadmin 10.2. The Secure File Erase feature ensures that any part of a fax, copy, digital send, or print job is securely removed from the device. There are 3 options: Nonsecure fast erase (erases indexes only), Secure fast erase (overwrites data), and Sanitizing erase (overwrites data multiple times). Secure Erase Technology Normally when a file is deleted from a HDD, the filename entry is erased from the disk’s file allocation table, removing the file’s presence. The file’s data still exists in the disk’s individual sectors and is overwritten only when that sector is allocated for a different file. HP Secure Erase technology overwrites a deleted file’s data from the individual sectors with random data using either a one pass or three pass overwrite, which conform to U.S. Department of Defense 5220-22.M and NIST SP 800-88 specifications. To enable HP Secure Erase, configure the “File Erase Mode” setting: • Non-secure Fast Erase mode: Marks the print job data as deleted only • Secure Fast Erase mode: Performs a one pass overwrite of job data which is sufficient to prevent data from diagnostic recovery per NIST SP800-88 guidelines. • Secure Sanitizing Erase mode: Performs a three pass overwrite of job data as recommended by the US Department of Defense 5220.22M specification. For an explanation of each erase algorithm, see Specifications. HP Secure Erase technology is applied in two different ways to remove data from HDD storage devices. • Secure File Erase overwrites files on a continuous basis as soon as they are no longer needed to perform the required function. This is initiated by setting the “File Erase Mode” setting to either “Secure Fast Erase” or “Secure Sanitizing Erase”. • Secure Storage Erase removes all non-essential data from storage devices in a manor consistent with preparation for decommissioning or redeployment. This operation can be initiated on demand or scheduled for a later date and time. Data Affected Secure File Erase When enabled, all data removed from the system by a delete operation is erased using a secure erase mode, either Secure Fast Erase or Secure Sanitizing Erase. This includes • Temporary files created during the print, scan, fax, and copying processes • User initiated delete operations including the four Job Storage type documents o Stored Job (manual delete) o Quick Copy (manual delete) Page 2 o Personal Job (deleted when printed or system reset) o Proof and Hold (deleted when printed or system reset) • Stored Faxes (deleted when printed) Secure Storage Erase Secure Storage Erase will always use a secure erase mode, either Secure Fast Erase or Secure Sanitizing Erase, defaulting to Secure Fast Erase if Non-secure Fast is the currently configured erase mode. Secure Storage Erase overwrites the entire disk including • Job Storage documents (even though they have not been retrieved) • Stored Faxes (even though they have not been retrieved) • Installed 3rd party solutions • Installed fonts Secure Storage Erase will not impact • Flash-based non-volatile RAM containing default printer settings, page counts, etc. • Flash-based system boot RAM • Configuration settings for Digital Sending and Authentication when stored on the system hard disk. Note: After a Secure Storage Erase completes, the file structure is re-established and the above disk based configurations are restored. Default Setting Prior to the introduction of Secure Erase technology, all HP printing devices used a method similar to the Non-Secure Fast Erase method for file delete operations. The default erase mode on supported devices is Non Secure Fast Erase. Change the “File Erase Mode” setting from the factory default to benefit from HP Secure Erase Technology’s additional security. Changing the file erase mode from Non-Secure Fast Erase to Secure Fast Erase or Secure Sanitizing Erase does not overwrite previously stored data on the disk, nor does it immediately perform a full Secure Storage Erase. Changing the erase mode dictates how the MFP erases data after the file erase mode has been changed. Specifications Secure Fast Erase mode meets the National Institute of Standards and Technology Special Publication 800-88, Guidelines for Media Sanitization. For Secure Fast Erase, each deleted file’s data is overwritten once with: • the hexadecimal character 0x48. Page 3 Secure Sanitizing Erase mode meets the U.S. Department of Defense 5220-22.M specification using a succession of multiple data overwrites. For Secure Sanitizing Erase, each deleted file is overwritten with: • the fixed character pattern (binary 01001000). • the compliment of the fixed character pattern (binary 10110111). • a random character: o A 32k byte buffer of random characters is generated for each file delete operation using the device’s unique uptime as the seed. o Each byte of file data uses a unique random character from the buffer. o The random character buffer is reused up to 32 times, and then regenerated using new random data. To ensure successful completion of each overwrite operation, each overwritten byte is verified. Note: NIST SP-800-88 “Guidelines for Media Sanitization” (Sept 2006) supersedes the US DOD 5220-2.M (1997 edition) specification. Configuring WJA for Disk Security Web Jetadmin can be leveraged to identify devices with hard disks as well as secure them. By using automatic groups and configuration templates, a fleet of print and imaging devices can be centrally managed. Automatic Groups Automatic groups can self populate themselves with devices based on user specified filter criteria. For this disk security exercise, “Hard Disk” will be used. A custom view will be created in order to identify the current configuration of the devices and to see which need remediation. In addition to the default layout, the view will consist of: Hard Disk Secure Disk Secure Disk Status File System Password Secure Erase Method Page 4 Create and Configure Automatic Group Step 1. Right click on “Groups” in the Device Management pane. Step 2. Select the “New Group” menu item. Step 3. Enter a group name such as “Disk Security” Step 4. Select the automatic group radio button. Step 5. Click “Next” Step 6. On the next window of the create group wizard, select “add”. Page 5 Step 7. The device property dialog box is displayed. Ensure that “standard” is displayed in the “Show device properties” drop down. Then click on the “Device Property” drop down and scroll until you find “Hard Disk”. Select “Hard Disk”. Make sure that the “Filter Function” is set to equal and that the “Value” is set to “Yes”. Click OK. Step 8. Click “Next” then click “Create Group” Create Secure Disk Device View With a custom secure disk device view, devices that need to be remediated can be easily identified. Additionally, the view can be filtered and exported to a csv file. The secure disk data items are: Hard Disk Secure Disk – Encrypted hard disk Secure Disk Mode – Encryption enabled/disabled File System Password – required to be set in order to configure secure erase Secure File Erase Mode – Secure fast erase / Secure sanitizing erase Step 1. Click on the Disk Security group and select the default layout. Step 2. Right click on the column heading to select new data items. Click on customize at the bottom in order to display full list of data items. Page 6 Step 3. Select data item, then click on right angle bracket to move to right hand pane. Click OK when done. Step 4. Click on the “Layouts” drop down in the device view pane and select “Save as”. Enter “Disk Security” in the name field, then click OK. This custom view will be stored under the “Shared” menu item. Page 7 Identifying Unsecured Devices Once the automatic group has finished populating itself with the secure disk view, the current secure erase mode can be easily indentified. Click on the secure erase mode column heading in order to sort by erase mode. Those devices that are configured with “Non-secure Fast Erase” are unsecured. In order to configure the secure erase mode, the file system password must be set. You can set the file system password by selecting all of the devices without the file system password, then select the config tab / file system / file system password. That will display the file system password configuration fields. Keep the current password field blank, then add and confirm the file system password. Hit apply at the bottom right when finished. Configuring Secure Erase Mode The best way to configure print and imaging devices is to use configuration templates. Configuration templates are used to store device settings and apply those settings to one or more devices. This can be done to keep device configurations consistent and to make it easy to apply a common set of settings on a regular basis. Templates are an easy way to change the settings for regularly scheduled configurations, without having to recreate the entire schedule. Templates can also be used to save many settings from a device, either for backup purposes or to apply to similar devices. Page 8 Create Configuration Template Step 1. Right click on the “configuration” device management task module and select “create configuration template” from the menu. Step 2. Name the template, then expand the “File System” device settings category. Select “Secure File Erase Mode” and check the box next to the secure file erase drop down. Select appropriate mode, then click next. Page 9 Step 3. Confirm selections, then select create template. Select “done” when displayed. Apply Configuration Template (Option 1) Step 1. Right click on the “configuration” device management task module and select “Apply configuration template” from the menu. Step 2. From the “use template” drop down, select the “disk security” template and click next. Page 10 Step 3. Select the “groups” radio button as the selection method and choose the “Disk Security” group. Click next. Step 4. Confirm, then click apply. Step 5. Click “done” when displayed. Click on the details button in the lower left hand part of this window for specific status. Page 11 Set Configuration Template as Group Policy (Option 2) Step 1. Right click on the “Disk Security” automatic group. Select “Edit group policies…” from the menu. Step Step Step Step Step 2. 3. 4. 5. 6. Click the “Add” button. Select “Configure Devices” from the Policy drop down. Make sure the trigger field is set to “Devices added to group”. Select the “Disk Security” configuration template from the “Policy action” drop down. Click “add” then “close”. Click “Next”, then “Save policies”. Page 12 Verify Secure Erase Mode Configuration Step 1. Click on the “Disk Security” group in order to display the group devices. As Web Jetadmin configures these devices, the “Secure File Erase Mode” column will reflect this configuration change. Notice: ©2010 Hewlett-Packard Company Neither HP, nor any of its subsidiaries, shall be liable for technical or editorial errors or omissions contained herein. The information in this publication is provided "as is" without warranty of any kind and is subject to change without notice. Document Attributes Author: John Greer, Steve Miller Product Document Version: 1.0, July 2010 Page 13